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WTDING CLAIMS 

1. (previously presented) A method of enabling use of a secure password, comprising: 

during power up initialization before an operating system is started, copying security data 
from an unsecure memory device in a computer to a restricted portion of the computer's system 
memory which is invisible to the operating system, wherein the restricted portion of the 
computer's system memory contains code and data needed for low level system control functions 
that are independent of the operating system, and wherein a writing of data into the restricted 
portion of the computer's system memory is authorized only for a trusted software entity that has 
been authenticated as having permission to access the restricted portion of the computer's system 
memory; and 

before starting the operating system, hard locking the memory device against direct 
access so that a reset signal is required to unlock the memory device, 

2. (original) The method of claim 1, further comprising: 

responsive to receiving an entered password under the operating system, calling a routine 
executing within the restricted portion of system memory to verify the password; and 

receiving an indication from the routine regarding whether the entered password matched 
a password within the security data copied to the restricted portion of system memory from the 
memory device. 

3. (original) The method of claim 1, wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

checking a return address for a call requesting that the security data be copied to verify 
that the call originated with a trusted routine. 

4. (original) The method of claim 3, wherein the step of checking a return address for a call 
requesting that the security data be copied to verify that the call originated with a trusted routine 
further comprises: 
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placing a label within a basic input/output services routine implementing a process for 
copying the security data immediately after instructions for the call requesting that the security 
data be copied; 

placing an address for the label within code executing within the restricted portion of 
system memory and checking the return address for the call requesting that the security data be 
copied; 

comparing the return address and the address for the label; 

responsive to determining that the return address does not match the address for the label, 
returning a null response to the call requesting that the security data be copied; and 

responsive to deteimining that the return address matches the address for the label, 
copying the security data to the restricted portion of system memory and resetting a retry 
counter. 

5. (original) The method of claim 1, wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

copying the password and other sensitive data which requires protection from access 
under the operating system. 

6. (original) The method of claim 1, wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

loading the security data to regular system memory prior to initiating the call requesting 
that the security data be copied; and 

upon receiving any response to the call requesting that the security data be copied, 
erasing the security data from regular system memory before starting the operating system. 

7. (previously presented) A method of enabling use of a secure password, comprising: 

responsive to receiving an entered password under an operating system, calling a routine 
executing within a restricted portion of system memory to verify the password, wherein the 
restricted portion of system memory is invisible to the operating system and wherein the 
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operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention, and wherein the restricted portion of the system 
memory contains code and data needed for low level system control functions that are 
independent of the operating system, and wherein a writing of data into the restricted portion of 
the system memory is authorized only for a trusted software entity that has been authenticated as 
having permission to access the restricted portion of the system memory; and 

receiving only an indication from the routine executing within the restricted portion of 
memory regarding whether the entered password matched a password stored within the restricted 
portion of system memory. 

8. (original) The method of claim 7, further comprising: 

during power up initialization before the operating system is started, copying a password 
from a memory device to the restricted portion of system memory; and 

before starting the operating system, hard locking the memory device against direct 
access so that a reset signal is required to unlock the memory device. 

9. (original) The method of claim 7, further comprising: 

determining whether a password is required for an operation by checking with the routine 
executing within a restricted portion 6f system memory to verify existence of a password. 

10. (original) The method of claim 7, further comprising: 

limiting a number of retries for a user to reenter a password. 

1 1 . (original) The method of claim 7, further comprising: 

transmitting the entered password entered by a user to the routine executing within a 
restricted portion of system memory using the calling convention; and 

responsive to receiving an indication from the routine executing within foe restricted 
portion of memory that the entered password matched the password stored within the restricted 
portion of system memory, continuing an operation requiring the entered password for execution. 

12. (previously presented) A data processing system, comprising: 
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a memory device which may be hard locked against direct access so that a reset signal is 
required to unlock the memory device; and 

a power up initialization routine executing within the data processing system, wherein the 
power up initialization routine, before starting an operating system, copies security data from the 
memory device in a computer to a restricted portion of the computer's system memory which is 
invisible to the operating system and hard locks the computer's memory device, wherein the 
restricted portion of the computer's system memory contains code and data needed for low level 
system control functions that are independent of the operating system, and wherein a writing of 
data into the restricted portion of the computer's system memory is authorized only for a trusted 
software entity that has been authenticated as having permission to access the restricted portion 
of the computer's system memory. 

13. (original) The data processing system of claim 12, wherein the power up initialization 
routine, responsive to receiving an entered password under the operating system, calls a routine 
executing within the restricted portion of system memory to verify the password and receives an 
indication from the routine regarding whether the entered password matched a password within 
the security data copied to the restricted' portion of system memory from the memory device. 

14. (original) The data processing system of claim 13, wherein the routine executing within the 
restricted portion of system memory checks a return address for a call requesting that the security 
data be copied to verify that the call originated with a trusted routine. 

15. (original) The data processing system of claim 13, wherein the power up initialization 
routine, to facilitate checking a return address for a call requesting that the security data be 
copied to veri^ that the call originated with a trusted routine, places a label within a basic 
input/output services routine implementing a process for copying the security data immediately 
after instructions for the call requesting that the security data be copied, wherein the routine 
executing within the restricted portion of system memory contains an address for the label, 
checks the return address for the call requesting that the security data be copied, and compares 
the return address and the address for the label and, responsive to determining that the return 
address does not match the address for the label, returning a null response to the call requesting 
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that the security data be copied, and responsive to determining that the return address matches 
the address for the label, copying the security data to the restricted portion of system memory 
and resetting a retry counter. 

16. (original) The data processing system of claim 12 7 wherein the power tap initialization 
routine copies the password and other sensitive data which requires protection from access under 
the operating system. 

17. (original) The data processing system of claim 12 p wherein the - power up initialization 
routine loads the security data to regular system memory prior to initiating the call requesting 
that the security data be copied and, upon receiving any response to the call requesting that the 
security data be copied, erases the security data from regular system memory before starting the 
operating system. 

1 8 . (previously presented) A data processing system, comprising: 

an operating system; 

a memory device which may be hard locked against direct access so that a reset signal is 
required to unlock the memory device; 

a system memory including a restricted portion invisible to the operating system, wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention; and 

a power up initialization routine executing within the data processing system, wherein the 
power up initialization routine, responsive to receiving an entered password under an operating 
system, calls a routine executing within a restricted portion of system memory to verify the 
password, and receives only an indication from the routine executing within the restricted portion 
of memory regarding whether the entered password matched a password stored within the 
restricted portion of system memory, wherein the restricted portion of the system memory 
contains code and data needed for low level system control functions that are independent of the 
operating system, and wherein a writing of data into the restricted portion of the system memory 
is authorized only for a trusted software entity that has been authenticated as having permission 
to access the restricted portion of the system memory. 
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19. (original) The data processing system of claim 18, wherein the power up initialization 
routine, during power up initialization before the operating system is started, copies a password 
from the memory device to the restricted portion of system memory and, before starting the 
operating system, hard locks the memory device against direct access so that a reset signal is 
required to unlock the memory device. 

20. (original) The data processing system of claim 18, wherein the power up initialization 
routine determines whether a password is required for an operation by checking with the routine 
executing within a restricted portion of system memory to verify existence of a password, 

21. (original) The data processing system of claim 18, wherein the routine executing within a 
restricted portion of system memory to verify the password limits a number of retries for a user 
to reenter a password. 

22. (original) The data processing system of claim 18, wherein the power up initialization 
routine transmits the entered password entered by a user to the routine executing within a 
restricted portion of system memory using the calling convention and, responsive to receiving an 
indication from the routine executing within the restricted portion of memory that the entered 
password matched the password stored within the restricted portion of system memory, 
continues an operation requiring the entered password for execution. 

23. (previously presented) A computer program product within a computer usable medium for 
enabling use of a secure password, comprising: 

instructions for copying security data from a memory device in a computer to a restricted 
portion of the computer's system memory which is invisible to the operating system during 
power up initialization before an operating system is started, wherein the restricted portion of the 
computer's system memory contains code and data needed for low level system control functions 
that are independent of the operating system, and wherein a writing of data into the restricted 
portion of the computer's system memory is authorized only for a trusted software entity that has 

Page 7 

Docket No. RPS920000043US1 
Response B 



PAGE 8/28 * RCVD AT 5/2612005 2:43:23 PM [Eastern DayDght Time] • SVR:USPTMFXRM/0 1 DNIS:8729306 ' CSED:5123436446 ' DURATION (miMS):08-22 



MAY/26/2005/THU 01:33 PM DILLON & YUDELL, LLP 



FAX No. 5123436446 



P. 009 



been authenticated as having permission to access the restricted portion of the computer's system 
memory; and 

instructions for hard locking the memory device against direct access so that a reset 
signal is required to unlock the memory device before starting the.operatrag system. 

24. (original) The computer program product of claim 23, further comprising: 

instructions, responsive to receiving an entered password under the operating system, for 
calling a routine executing within the restricted portion of system memory to verify the 
password; and 

instructions for receiving an indication from the routine regarding whether the entered 
password matches a password within the security data copied to the restricted portion of system 
memory from the memory device. 

25. (original) The computer program product of claim 23, wherein the instructions for copying 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for checking a return address for a call requesting that the security data be 
copied to verify that the call originated with a trusted routine. 

26. (original) The computer program product of claim 25, wherein the instructions for checking 
a return address for a call requesting that the security data be copied to verify that the call 
originated with a trusted routine further comprise: 

instructions for placing a label within a basic input/output services routine implementing 
a process for copying the security data immediately after instructions for the call requesting that 
the security data be copied; 

an address for the label within code executing within the restricted portion of system 
memory and checking the return address for the call requesting that the security data be copied; 

instructions for comparing the return address and the address for the label; 

instructions, responsive to determining that the return address does not match the address 
for the-label, for returning a null response to the call requesting that the security data be copied; 
and 

PagcS 

Docket No. RPS920000043US1 
Response B 



PAGE 9/28'RCVD AT 5/26^005 2:43:23 PM [Eastern Daylight Time] 1 SVR:USPTO£FXRf -1/0' DNIS:8729306 ' CSID:5123436446 ' DURATION (mm-ss):08-22 



MAY/26/2005/THU 01:33 PM DILLON & YUDELL, LLP FAX No. 5123436446 



P. 010 



instructions, responsive to detemiining that the return address matches the address for the 
label, for copying the security data to. the restricted portion of system memory and resetting a 
retry counter. 

27. (original) The computer program product of claim 23, wherein the instructions for copying 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for copying the password and other sensitive data which requires protection 
from access under the operating system. 

28. (original) The computer program product of claim 23, wherein the instructions for copyings 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for loading the security data to regular system memory prior to initiating the 
call requesting that the security data be copied; and 

instructions for erasing the security data from regular system memory before starting the 
operating system upon receiving any response to the call requesting that the security data be 
copied. 

29. (previously presented) A computer program product within a computer usable medium fox 
enabling use of a secure password, comprising: 

instructions, responsive to receiving an entered password under an operating system, for 
calling a routine executing within a restricted portion of system memory to verify the password, 
wherein the restricted portion of system memory is invisible to the operating system and wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention, wherein the restricted portion of the system memory 
contains code and data needed for low level system control functions that are independent of the 
operating system, and wherein a writing of data into the restricted portion of the system memory 
is authorized only for a trusted software entity that has been authenticated as having permission 
to access the restricted portion of the system memory; and 
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instructions for receiving only an indication from the routine executing within the 
restricted portion of memory regarding whether the entered password matched a password stored 
within the restricted portion of system memory. 

30. (previously presented) The computer program product of claim 29, wherein the restricted 
portion of the system memory is a System Management Interrupt (SMI) memory space. 

3 1 . (previously presented) The method of claim 1 , wherein the restricted portion of the system 
memory is a System Management Interrupt (SMI) memory space. 

32. (previously presented) The method of claim 7, wherein the restricted portion of the system 
memory is a System Management Interrupt (SMI) memory space. 

33. (previously presented) The data processing system of claim 12, wherein the restricted 
portion of the system memory is a System Management Interrupt (SMI) memory space. 
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IN THE CLAIMS 
Please amend claims 1, 7, 12* 18, 23 and 29-33 as indicated: 

1 . (currently amended) A method of enabling use of a secure password, comprising: 

during power up initialization before an operating system is started, copying security data 
from [[a]] an unsecure memory device in a computer to a restricted portion of the computer's 
system memory which is invisible to the operating syste m, wherein the restricted portion of the 
computer's system memory contains code an d data needed for low level system control functions 
that are in dependent of the operating system, and wherein a writing of data into the restricted 
portion of the computer's system memory is authorized only for a trusted software entity that has 
been authenticated as having permission to access the restricted portion of the co mputer's system 
memory: and 

before starting the operating system, hard locking the memory device against direct 
access so that a reset signal is required to unlock the memory device. 

2. (original) The method of claim 1 , further comprising: 

responsive to receiving an entered password under the operating system, calling a routine 
executing within the restricted portion of system memory to verify the password; and 

receiving an indication from the routine regarding whether the entered password matched 
a password within the security data copied to the restricted portion of system memory from the 
memory device. 

3 . (original) The method of claim 1 , wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

checjring a return address for a call requesting that the security data be copied to verify 
that the call originated with a trusted routine. 
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4. (original) The method of claim 3, wherein the step of checking a return address for a call 
requesting that the security data be copied to verify that the call originated with a trusted routine 
further comprises: 

placing a label within a basic input/output services routine implementing a process for 
copying the security data immediately after instructions for the call requesting that the security 
data be copied; 

placing an address for the label within code executing within the restricted portion of 
system memory and checking the return address for the call requesting that the security data be 
copied; 

comparing the return address and the address for the label; 

responsive to determining that the return address does not match the address for the label, 
returning a null response to the call requesting that the security data be copied; and 

responsive to determining that the return address matches the address for the label, 
copying the security data to the restricted portion of system memory and resetting a retry 
counter. 

5. (original) The method of claim 1 „ wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

copying the password and other sensitive data which requires protection from access 
■under the operating system. 

6. (original) The method of claim 1, wherein the step of copying security data from a memory 
device to a restricted portion of system memory which is invisible to the operating system further 
comprises: 

loading the security data to regular system memory prior to initiating the call requesting 
that the security data be copied; and 

■upon receiving any response to the call requesting that the security data be copied, 
erasing the security data from regular system memory before starting the operating system. 
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7. (currently amended) A method of enabling use of a secure password, comprising; 

responsive to receiving an entered password under an operating system, calling a routine 
executing within a restricted portion of system memory to verify the password, wherein the 
restricted portion of system memory is invisible to the operating system and wherein the 
operating system and routines executing within the restricted portion of system memory 
communicate through a calling conventio n* and wherein the restricted portion of the system 
memory contains code and data needed for low level system control functions that are 
independent of the operating system, and wherein a writing of data into the restricted portion of 
the system memory is authorized only for a trusted software entity tha t ha* h^n authenticated as 
having permission to access the restricted -portion of th e system memory: and 

receiving only an indication from the routine executing within the restricted portion of 
memory regarding whether the entered password matched a password stored within the restricted 
portion of system memory. 

8. (original) The method of claim 7, further comprising: 

during power up initialization before the operating system is started, copying a password 
from a memory device to the restricted portion of system memory; and 

before starting the operating system, hard locking the memory device against direct 
access so that a reset signal is required to unlock the memory device. 

9. (original) The method of claim 7, further comprising: 

determining whether a password is required for an operation by checking with the routine 
executing within a restricted portion of system memory to verify existence of a password. 

10. (original) The method of claim 7, further comprising: 

]jjpjHrt£ a number of retries for a user to reenter a password. 

1 1 . (original) The method of claim 7, further comprising: 

transmitting the entered password entered by a user to the routine executing within a 
restricted portion of system memory using the calling convention; and 

responsive to receiving an indication from the routine executing within the restricted 
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portion of memory thai the entered password matched the password stored within the restricted 
portion of system memory, continuing an operation requiring the entered password for execution. 

12. (currently amended) A data processing system, comprising: 

a memory device which may be hard locked against direct access so that a reset signal is 
required to unlock the memory device; and 

a power up initialization routine executing within the data processing system, wherein the 
power up initialization routine, before starting an operating system, copies security data from the 
memory device in a computer t o a restricted portion of the computer's system memory which is 
invisible to the operating system and hard locks the computer's memory devic e, wherein the 
restricted portion of the computer's system memory contains cnde an d data need ed for low level 
system control functions that are independent of the operating system, and wherein a writing of 
data into the restricted portion of the computer's system memory is authorized onlv for a trusted 
software entity that has been authenticated a s having permission to access the restricted portipa 
of the computer's system memory. 

13. (original) The data processing system of claim 12, wherein the power up initialization 
routine, responsive to receiving an entered password under the operating system, calls a routine 
executing within the restricted portion of system memory to verify the password and receives an 
indication from the routine regarding whether the entered password matched a password within 
the security data copied to the restricted portion of system memory from the memory device. 

14. (original) The data processing system of claim 13, wherein the routine executing within the 
restricted portion of system memory checks a return address for a call requesting that the security 
data be copied to verify that the call originated with a trusted routine. 

15. (original) The data processing system of claim 13, wherein the power up initialization 
routine, to facilitate checking a return address for a call requesting that the security data be 
copied to verify that the call originated with a trusted routine, places a label within a basic 
input/output services 
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routine implementing a process for copying the security data immediately after instructions for 
the call requesting that the security data be copied, wherein the routine executing within the 
restricted portion of system memory contains an address for the label, checks the return address 
for the call requesting that the security data be copied, and compares the return address and the 
address fox the label and, 

responsive to determining that the return address does not match the address for 
. the label, returning a null response to the call requesting that the security data be copied, 
and 

responsive to determining that the return address matches the address for the 
label, copying the security data to the restricted portion of system memory and resetting a 
retry counter. 

1 6. (original) The data processing system of claim 1 2, wherein the power up initialization 
routine copies the password and other sensitive data which requires protection from access under 
the, operating system, 

17- (original) The data processing system of claim 12, wherein the - power up initialization 
routine loads the security data to regular system memory prior to initiating the call requesting 
that the security data be copied and, upon receiving any response to the call requesting that the 
security data be copied, erases the security data from regular system memory before starting the 
operating system. 

1 8. (currently amended) A data processing system, comprising: 
an operating system; 

a memory device which may be hard locked against direct access so that a reset signal is 
required to unlock the memory device; 

a system memory including a restricted portion invisible to the operating system, wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling convention; and 

a power up initialization routine executing within the data processing system, wherein the 
power up initialization routine, responsive to receiving an entered password under an operating 
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system, calls a routine executing within a restricted portion of system memory to verify the 
password, and receives only an indication from the routine executing within the restricted portion 
of memory regarding whether the entered password matched a password stored within the 
restricted portion of system memor y, wherein the restricted portion of the system memory 
contains code and data needed for low level system control functions that are independent of the 
operating system, and wherein a writing of data into the restricted portion of the system memory 
is authorized only for a trusted software entity that has been authenticated as having permission 
to access the restricted portion of the system memory. 

19* (original) The data processing system of claim 18, wherein the power up initialization 
routine, during power up initialization before the operating system is started, copies a password 
from the memory device to the restricted portion of system memory and, before starting the 
operating system, hard locks the memory device against direct access so that a reset signal is 
required to unlock the memory device. 

20. (original) The data processing system of claim 1 8, wherein the power up initialization 
routine determines whether a password is required for an operation by checking with the routine 
executing within a restricted portion of system memory to verify existence of a password. 

21 . (original) The data processing system of claim 1 8, wherein the routine executing within a 
restricted portion of system memory to verify the password limits a number of retries for a user 
to reenter a password- 

22. (original) The data processing system of claim 18, wherein the power up initialization 
routine transmits the entered password entered by a user to the routine executing within a 
restricted portion of system memory using the calling convention and, responsive to receiving an 
indication from the routine executing within the restricted portion of memory that the entered 
password matched the password stored within the restricted portion of system memory, 
continues an operation requiring the entered password for execution. 
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23. (currently amended) A computer program product within a computer usable medium for 
enabling use of a secure password, comprising: 

instructions for copying security data from a memory device in a computer to a restricted 
portion of the computer's system memory which is invisible to the operating system during 
power up initialization before an operating system is starte d, wherein the r estricted portion of the 
computer's system memory contains code and data needed for low level system co ntrol functions 
that are independent of the operating system, and wherein a writing of data into the restricted 
portion of the computer's system memory is authorized only for a trusted software entity that has 
been authenticated as having permission to access the restricted portion of the co mputer's system 
memory: and 

instructions for hard locking the memory device against direct access so that a reset 
signal is required to unlock the memory device before starting the operating system. 

24. (original) The computer program product of claim 23, further comprising: 

instructions, responsive to receiving an altered password under the operating system, for 
calling a routine executing within the restricted portion of system memory to verify the 
password; and 

instructions for receiving an indication from the routine regarding whether the entered 
password matches a password within the security data copied to the restricted portion of system 
memory from the memory device. 

25 . (original) The computer program product of claim 23 , wherein the instructions for copying 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for checking a return address for a call requesting that the security data be 
copied to verify that the call originated with a trusted routine. 

26. (original) The computer program product of claim 25, wherein the instructions for checking 
a return address for a call requesting that the security data be copied to verify that the call 
originated with a trusted routine further comprise; 

instructions for placing a label within a basic input/output services routine implementing 
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a process for copying the security data immediately after instructions for the call requesting that 
the security data be copied; 

an address for the label within code executing within the restricted portion of system 
memory and checking the return address for the call requesting that the security data be copied; 
instructions for comparing the return address and the address for the label; 

instructions, responsive to determining that the return address does not match the address 
for the-label, for returning a null response to the call requesting that the security data be copied; 
and 

instructions, responsive to detemuning that the return address matches the address for the 
label, for copying the security data to. the restricted portion of system memory and resetting a 
retry counter. 

27. (original) The computer program product of claim 23, wherein the instructions for copying 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for copying the password and other sensitive data which requires protection 
from access under the operating system. 

28. (original) The computer program product of claim 23, wherein the instructions for copying 
security data from a memory device to a restricted portion of system memory which is invisible 
to the operating system further comprise: 

instructions for loading the security data to regular system memory prior to initiating the 
call requesting that the security data be copied; and 

instructions for erasing the security data from regular system memory before starting the 
operating system upon receiving any response to the call requesting that the security data be 
copied. 

29. (currently amended) A computer program product within a computer usable medium for 
enabling use of a secure password, comprising: 

instructions, responsive to receiving an entered password under an operating system, for 
calling a routine executing within a restricted portion of system memory to verify the password, 
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wherein the restricted portion of system memory is invisible to the operating system and wherein 
the operating system and routines executing within the restricted portion of system memory 
communicate through a calling conventio n, wherein the restricted portion of the system memory 
contains code and data needed for low level system control functions that are independent of the 
operating system, and wherein a writing of data into the restricted portion of the system memory 
is authorized only for a trusted software entity that has been authenticated as having permission 
to access the restricted portion of the system memory: and 

instructions for receiving only an indication from the routine executing within the 
restricted portion of memory regarding whether the entered password matched a password stored 
within the restricted portion of system memory. 

30. (currently amended) The computer program product of claim 29, further oomprioing r 

inGtruotionq for copying a password from a memory dovioo to th e reotriotod portion of 

oyotam memory during pow e r up initioliflation befor e the op e rating syotcxin io started; an d 

instructiono for hard locking the m e mory devic e agoinot dir e ct - access so that a r e set 

mgnal i s required to unlock - tho memory- device b e fore starting th e operating ovn tera wherein the 
restricted portion of the system memory is a System Management Interrupt f SMI) memory 
space. 

31. (currently amended) The computer program product of claim 29, further oompris iag? 

xpfltructiono for determining whether a password is required for on operation by chocking 

with the routin e exoouting within a restricted portion of oystom memory to verify existence of a 
paaaword method of claim 1. where in the res t ricted p ortion of the s y stem m emory is a System 
Management Interrupt fSMD memory space . 

32. (currently amended) The computer program product of claim 29^ further comprising: 

mntructionn for limiting a number of ■ rote i og^br a user to r e enter a passw ord method of 

claim 7. wherein the restricted portion of the system memory is a System Management Interrupt 
TSMD memory space . 
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33 . (currently amended) The comput e r p ro gr nrn product of oleum 39, further comprising* 

instructions for transmitting the emtorod password entered by a user to th e routine 

executing within a reatriotod portion of oyctam memory using th e calling convention; and 

instruotiono, r e oponoiv e to receiving an indication from the routine executing within tho 

ge gtricted portion of memory that th e enter e d password match e d the paooword stored within th e 
r e strict e d portion of oyatem memory, for continuing on operation r e quiring th e entered password 
for e x e cution data processing system of claim 12. wherein the restricted portion of the system 
memory is a System Management Interrupt f SMTi memory space . 
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